Jump to content

Log out of a .htaccess directory

Ice IT Support
 Share

Recommended Posts

Ice IT Support Newbie

Ice IT Support

Posted
Posted

I have a password protected directory using .htaccess that I want to create a logout link for. The apache forum says it is not possible, but I was wondering if anyone knows of a way to log out of a .htaccess protected directory (without closing the browser window) or a code to clear the browser's authentication cache? Thanks!

Link to comment
Share on other sites
Byron Explorer

Byron

Posted
Posted

May I ask why you need to logout of a password protected directory without closing your browser? From all that I've read Apache is pretty much right. cPanel has a logout link that logs you out but a search for how it's done brings nothing up. If you just trying to do this on a couple of pages I can give you a simple php script that goes at the top of your page that will require a password and it will let you log out. If your interested let me know.

 

 

Link to comment
Share on other sites
Ice IT Support Newbie

Ice IT Support

Posted
  • Author
Posted

Well mainly for convenience. I and a few other users tend to have many windows with many tabs open at once. Also for when the users need access to the resource on public computers. I'm interested in the script you have, that would be great!

Link to comment
Share on other sites
Byron Explorer

Byron

Posted
Posted

Here's what it looks like. The password is chickenlips.

 

http://byrondallas.heliohost.org/temp/password_page.php

 

Here's the code. Just copy and paste it to a page and give it a .php extension. You don't need to know any php, just replace my html with yours. You'll see the comments telling you where. Then you'll see a place at the top to change the password.

 

 

<?php
session_start();
# script by DJ Mike

###### CHANGE PASSWORD HERE ######
$password = "chickenlips";

$form = "<form method=\"post\">
<input type=\"password\" name=\"admin_pass\" value=\"$_SESSION[admin_pass]\" />
<input type=\"submit\" name=\"login\" value=\"login\" />
<input type=\"submit\" name=\"logout\"  value=\"logout\" />
</form>";

if ( isset($_POST[logout]) )
{
unset( $_SESSION[admin_pass] );
session_destroy();
header("location:$_SERVER[PHP_SELF]");
}
?>

<!-- HEAD & BODY OF PAGE -->

<html>
<head>
<title>Login Page</title>
</head>
<body bgcolor="#ffffff" text="#000025">

<center>
<?php
echo "$form";
?>
</center>

<?php
# if not logged in AND incorrect, hide rest of page
if ( $_POST[admin_pass] != "$password" && $_SESSION[admin_pass] != "$password" )
{ 
$_SESSION[admin_pass] = "";
session_destroy();
echo "</body></html>";
exit;
}

if ( $_POST[admin_pass] == "$password" || $_SESSION[admin_pass] != "$password")
{ $_SESSION[admin_pass] = "$password"; 
}
?>

<!-- REST OF YOUR PAGE GOES HERE -->

<br><br><br>
<h3>Your Successfully Logged In</h3>
This is a password protected page. Your page content would go here in place of this message.
</body>
</html>

Link to comment
Share on other sites
Ice IT Support Newbie

Ice IT Support

Posted
  • Author
Posted

Ok Thanks Byron! It works great. But I have a couple of questions. 1) is it possible to have multiple passwords and 2) does this code need to be put on everypage that I want protected in the directory?

Link to comment
Share on other sites
Byron Explorer

Byron

Posted
Posted

The first code I posted doesn't allow for extra passwords and yes you would need to add that to every page you wanted to protect. To make it easier you could change the code around a little and add it as an include to your pages.

 

<?php
session_start();
# script by DJ Mike

###### CHANGE PASSWORD HERE ######
$password = "chickenlips";

$form = "<form method=\"post\">
<input type=\"password\" name=\"admin_pass\" value=\"$_SESSION[admin_pass]\" />
<input type=\"submit\" name=\"login\" value=\"login\" />
<input type=\"submit\" name=\"logout\"  value=\"logout\" />
</form>";

if ( isset($_POST[logout]) )
{
unset( $_SESSION[admin_pass] );
session_destroy();
header("location:$_SERVER[PHP_SELF]");
}
?>
<center>
<?php
echo "$form";
?>
</center>

<?php
# if not logged in AND incorrect, hide rest of page
if ( $_POST[admin_pass] != "$password" && $_SESSION[admin_pass] != "$password" )
{ 
$_SESSION[admin_pass] = "";
session_destroy();
echo "</body></html>";
exit;
}

if ( $_POST[admin_pass] == "$password" || $_SESSION[admin_pass] != "$password")
{ $_SESSION[admin_pass] = "$password"; 
}
?>

 

You would add that code above to a page and call it something like:

 

password.php

 

and then add it to the top of any page like this:

 

<?php
include("password.php");
?>

 

Also keep in mind that any page you add that to has to end in .php

 

-----------------

 

Here's a script I didn't even know I had that I had saved from a while back. It will allow several passwords. This script doesn't require you to logout. The sessions expires after 20 seconds and you can change that time near the top of the script along with the passwords. This too can be added as an include to any page. Download the text file below and then upload it to your site and rename it to something like:

 

password.php

 

http://byrondallas.heliohost.org/temp/password.txt

 

Then include it on a page just like before:

 

<?php
include("password.php");
?>

 

Here's an example. Password either chickenlips or password.

 

http://byrondallas.heliohost.org/temp/password_include.php

 

 

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing
×
×
  • Create New...